Android Security Update

Hey, the U.S. government is stealing my gig! The nice folks at the Department of Homeland Security (yes, the same people who brought you free irradiations, body scanners and airport gropings) are now turning their attention to everyday 'cyber threats.' So what do they (and other scare mongers) have to say about Android mobile gadget security? Read on...

"Stop. Think. Connect.”

That is the cogent slogan (for which many tax dollars were spent, no doubt) of DHS’s ongoing nationwide campaign aimed at “increasing the understanding of cyber threats and empowering the American public to be safer and more secure online.” Your cooperation is only technically optional; it is “a shared responsibility” of all good citizens. And if you’re not a good citizen, I suppose the NSA will know.

Another government agency, The Federal Communications Commission, is doing its part in the Stop.Think.Connect campaign. The FCC has made available on the Web a Smartphone Security Checker service. Just select your device’s operating system and the FCC will check it for vulnerabilities. Right? Actually not. All you get is a list of tips to help you check it yourself. The tips, which are customized for Android, Apple iOS, BlackBerry, and Windows Phone users are worth a read, though.

And this just in… a U.S. Army Cyber Crime Flyer is warning all and sundry of attacks specifically targeting Android devices. The Army’s bulletin takes the form of a PDF file because Adobe software has (cough) never, ever been compromised by malware. Well, not this year, anyway.

To put it very simply: don't follow the advice in any ad, popup, email or text message you receive that urges you to download an “update” to your Android operating system. Do not follow its instructions to click and automatically download the “update.” That is not how legitimate updates from your mobile service provider work. It will only get your device infected with malware that gives the attacker complete control over the device.

Just Drive On By…

Companies that market anti-virus software for desktop PCs have touted their products as an important defense against "drive-by viruses" that automatically download themselves and infect a computer, simply by visiting a web page. These same companies must long for the day when a similar threat exists for mobile phones and tablets.

I say this because Lookout Security, a mobile security vendor, has claimed that their software will protect against such threats, even though none exist. In the scenario that Lookout discusses, a file can be auto-downloaded to an Android device, but it's not installed without the user's help. Further, the malware can only be installed if the user has modified their phone's settings to specifically allow software to be installed from unknown sources. (That's one of the no-no's mentioned in the FCC tips above.)

I've discussed the issue of security software for mobile devices in Do You Need Mobile Security Protection? That article also talks about how to protect yourself from malicious apps, so I recommend that you check it out if you use your smartphone for anything other than making phone calls.

Your thoughts are welcome on the topic of security for Android smartphones and tablets. Post your comment or question below...

Most recent comments on "Android Security Update"

Posted by:
Mac 'N' Cheese
03 Sep 2013

Thanks for the vigilance, Bob. We're it not for you, millions of Americans might not realize that the government's hard-hitting publicity campaign has been in full swing for three years! Seriously. I, for one, had no idea.

Reading from the Department of Homeland Security PR release (thanks for the link), we get this jewel:

"In 2009, President Obama recognized the need to increase education and dialogue about cybersecurity. The President thereby issued the Cyberspace Policy Review."

"Thereby." That's an interesting word. It means "By that." As in, "He tripped, thereby breaking his leg." So the president issued a review by recognizing a need? Seriously. What do they mean, exactly?

And in order to "issue a review," don't you need to create it first? The President seems to have skipped that step.

But, according to the press release, the Policy Review which the President issued by recognizing the need "has become the blueprint from which our nation's cybersecurity foundation will transform into an assured and resilient digital infrastructure for the future."

Ah, our "cybersecurity foundation" (whatever that is) is going to "transform" into something that is "assured," whatever that means. It will become something resilient. Awesome!

How they gonna do that?

Easy peasy. The DHS came up with their Stop.Think.Connect. slogan. Don't you understand? Hearing that slogan will "help Americans understand the risks that come with being online."

Doh!

Then the real surprise. "The Stop.Think.Connect. Campaign launched on October 4, 2010."

Dude! It's already almost three years old! Ask yourself, "Are we more assured, more resilient, than we were three years ago?"

Just think! We wouldn't be where we are today without our wonderful government and its Stop.Think.Connect. Campaign.

Posted by:
jwildhair
07 Sep 2013

So, I am to believe that the same government who has been illegally spying on me, has my best interests heart. Well alrighty then. Thank you.

Posted by:
TheRube
08 Sep 2013

Oh Mr. Rankin:

YOU are not only Smart and Intelligent (and I dare say Good-Looking) BUT YOU are also one FUNNY Dude!
(I cracked up reading your opening statements above regarding the DHS " . . . and airport gropings . . . ")
- - almost fell out of my chair reading this!

Take Care,

TR

Somewhere on the East Coast of the United States of America

Post your Comments, Questions or Suggestions

* Name:
* Email:
(* = Required field)

(Your email address will not be published)

Comments: (you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.